REMARKS

These remarks are set forth in response to the non-final office action mailed October 4, 
2003 (the "Office Action"). As this amendment has been timely filed within the three-month 
statutory period, neither an extension of time nor a fee is required. Presently, claims 1 through
15 are pending in the Patent Application. In the Office Action, each of claims 1 through 15 has
been rejected under 35 U.S.C. §§102(e) and 103(a) as being both anticipated and unpatentable by 
and over United States Patent No. 6,377,548 to Chuah issued on April 23, 2002. In response, the 
Applicants respectfully traverse the Examiner's rejections on the art and provide the following 
arguments in support of each of claims 1 through 15 as originally recited in the Patent 
Application. 

Prior to addressing the rejections on the art, a brief review of the Applicants' invention is
appropriate. The Applicants have invented a new and non-obvious method, system and 
apparatus for defending against attacks by malicious users attempting to disable a server by 
flooding the server with network traffic. In accordance with the present invention and as stated 
beginning in page 2 line 15 of the Patent Application, "the consequences of intentional flooding 
attacks and unintentional overload situations resulting from a burst of connection requests can be 
mitigated by dropping the traditional notion of attempting to distinguish between legitimate and 
illegitimate traffic." Rather, in the present invention, "all network traffic is subjected to a policy 
that attempts to guarantee that legitimate work will be performed and a server will not crash in
flooding situations, irrespective of whether the flooding is caused by legitimate or illegitimate 
traffic."

In operation, in response to a request "from a host for a connection to a port number on a
server, the number of connections to the port that have been assigned to the host can be 
determined." "If the number of connections exceeds a first threshold, the request for a 
connection can be denied." Yet, the "decision to deny" a connection request can be overridden 
"where a quality of service (QoS) parameter pertaining to the requesting host permits such an 
override." Nevertheless, if the number of available connections to the port falls short of a second 
threshold, the connection request can be denied regardless of the identity of the host. 
Consequently, the policy defined for a number of permissible connections in the aggregate and 
also per host can regulate the number of connections established in the server, whether or not the 
request for a connection with the server can be determined to be legitimate or illegitimate. 
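
The admission policy summarized above can be sketched as follows. This is an added illustration, not code from the Patent Application or from Chuah; the class names, threshold values and addresses are constructed, and applying the second threshold only to QoS overrides (plus refusing when no slot is free) is an assumed reading of the text.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class PortPolicy:                      # hypothetical name, one policy per server port
    max_connections: int               # total connection slots on the port
    per_host_limit: int                # first threshold: connections per host
    min_available: int                 # second threshold: free slots an override needs
    qos_override: frozenset = frozenset()  # hosts whose QoS parameter permits override

class PortAdmission:
    def __init__(self, policy):
        self.policy = policy
        self.held = Counter()          # host -> connections currently assigned

    def request(self, host):
        """Return (allowed, reason); legitimacy of the host is never evaluated."""
        p = self.policy
        available = p.max_connections - sum(self.held.values())
        if available <= 0:
            return False, "port full"
        reason = "within limit"
        # Assumption: "exceeds" means one more connection would pass the limit.
        if self.held[host] >= p.per_host_limit:
            if host not in p.qos_override:
                return False, "per-host limit"
            if available < p.min_available:
                return False, "below availability floor"
            reason = "qos override"
        self.held[host] += 1
        return True, reason

    def release(self, host):
        if self.held[host] > 0:
            self.held[host] -= 1

def demo():
    # Constructed scenario: 10 slots, 3 per host, overrides need 4 free slots.
    policy = PortPolicy(10, 3, 4, frozenset({"192.0.2.10"}))
    adm = PortAdmission(policy)
    flood = [adm.request("198.51.100.7") for _ in range(5)]   # bursty host
    premium = [adm.request("192.0.2.10") for _ in range(5)]   # QoS override host
    other = adm.request("203.0.113.5")                        # ordinary new host
    return adm, flood, premium, other

if __name__ == "__main__":
    for row in demo()[1:]:
        print(row)
```
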

Turning now to the rejections on the art, Chuah has been cited in support of both an 
anticipation type rejection under 35 U.S.C. § 102(e), and also an obviousness type rejection 
under 35 U.S.C. § 103(a). Chuah relates to an on-demand multiple access methodology for the 
efficient utilization of the limited bandwidth available in a wireless communications network. In
particular, in the Chuah methodology, when a remote host requests a connection to a wireless 
base station, the base station first must decide whether to admit the new connection. The 
admission control technique can range from the simplistic in which all new connections are 
admitted so long as the total number of connections admitted remains less than a maximum 
number, to the complex. 

In a complex implementation described in lines thirty-five (35) through forty-four (44) of 
column thirty-seven (37) of the Chuah specification, a strict usage priority admission criterion 
can be applied. In the strict usage priority admission technique, two user priority classes can be 
defined where the first class has been prioritized over the second. The number of connections
permitted for the second class can be capped at a fixed number below the maximum number of
connections available for use in the base station. When a connection request is received from a
user of the priority class, the connection can be permitted so long as enough connections remain
available for the use of the requestor. Where no connections remain available, a connection
allocated to a member of the second class can be terminated in favor of the requestor of the
priority class.

Notably, Chuah teaches the management and control of wireless communications in the
media access control (MAC) layer within the data link layer of the seven layer Open Systems
Interconnection (OSI) reference model. Specifically, as shown in Figure 2 of the Chuah
specification, MAC frames are processed over an air line in the base station to determine when
connections can be established between remote hosts/nodes and the base station. While the base 
station can limit the number of connections to a maximum amount, more complex schemes in the 
base station can account for a desired bit rate to account for traffic burstiness in determining a 
maximum number of connections. 

Importantly, it will be recognized that Chuah does not teach the control or management 
of network connections in the transport layer of the OSI reference model as between hosts and 
ports allocable in a server as is well-known in the art of data communications. Rather, Chuah 
relates specifically to wireless base station access control in the data link layer of the OSI 
reference model. In this regard, in the data communications art, to establish a connection 
between two computing devices ordinarily requires the specification of a source and destination 
address and a source and destination port. In the context of the Applicants' invention, as taught 
in lines 14 through 20 of page 6 of the Patent Application, a connection request specifying a host
address and server address and a server port can be processed to limit the number of connections
provided to the host associated with the host address for the specified server port.

Referring to claims 1, 5, 9 and 13, two principal elements are incorporated as claim 
limitations directed to the foregoing invention. First, it can be determined if a number of 
connections to a specified port assigned to a specified host has exceeded a prescribed threshold. 
Second, if so, the connection can be denied. Significantly, the independent claims of the present 
invention explicitly recite the specification of a server port number and a host requesting a 
connection to the specified server port. In the dependent claims, additional limitations support 
the inventive notion that a blanket policy can be applied to the specified port in which a 
particular host cannot capture more than a threshold number of connections to a specific port. 
The dependent claims further support the inventive notion that specified hosts can exceed the
blanket policy limiting the number of connections allocable to any one host so long as an 
absolute threshold has not yet been exceeded. 

The foregoing specifically recited elements of the Applicants' invention cannot be 
located within the Chuah reference. In particular, Chuah wholly lacks any reference to receiving 
"a request from a host for a connection to a port number on the server". Chuah further lacks any
reference to denying the request for a connection "if the number of connections to the port 
assigned to the host exceeds a prescribed threshold." (emphasis added). Importantly, Chuah does 
not teach "overriding the denial and allowing the request if a QoS parameter pertaining to the 
requesting host permits the override." (emphasis added). Rather, Chuah simply teaches the 
prioritized eviction of one class of connection in favor of another as recited in column 37, lines
41-55 of the Chuah specification. Finally, Chuah fails to disclose the concept of disallowing a
connection notwithstanding the QoS parameter where the number of connections to the port
exceeds a threshold.

In conclusion, the teachings of Chuah are not sufficient to support the rejection of any of 
claims 1 through 15. For all of the above reasons, the claim objections are believed to have been 
overcome placing Claims 1 through 15 in condition for allowance, and reconsideration and 
allowance thereof is respectfully requested. The Examiner is encouraged to telephone the 
undersigned to discuss any matter that would expedite allowance of the present application. 

Respectfully submitted, 